9391783

Method and System for State Machine Security Device

Published: July 12, 2016
Assignee: not available in USPTO data we have
Technical Abstract

Patent Claims
24 claims

Legal claims defining the scope of protection, as filed with the USPTO.

1. A method for authorizing a transaction or an access via a security device, the method comprising: receiving power at the security device from a bridge device; sending a request for authentication from the security device to an authentication server through the bridge device; receiving an information request at the security device from the authentication server through the bridge device; in response to the received information request, sending a response from the security device to the authentication server through the bridge device, the response comprising a set of one or more bits generated based on a current state in a plurality of states of an authentication state machine in the security device; repeating said receiving and said sending the response for each information request a plurality of times to traverse the authentication state machine until sending a response to a last information request in the sequence of information requests, wherein the sets of bits sent to the authentication server comprise a sequence of reported bits; authenticating the security device within an electronic device that is communicating with the bridge device by the authentication server based on comparing of the sequence of reported bits with a sequence of expected bits used by the authentication server in uniquely identifying the security device; and authorizing the transaction or the access performed through the electronic device.

2. The method of claim 1, wherein the security device comprises a credit card, and wherein the bridge device is a card reader.

3. The method of claim 1, wherein the security device communicates with the bridge device using a short-range wireless communication comprising one of radio frequency identification (RFID) and Bluetooth, wherein the security device wirelessly receives power from the bridge device using said short-range wireless communication.

4. The method of claim 1, wherein the security device communicates with the bridge device using near field communication (NFC), wherein the security device wirelessly receives power from the bridge device using NFC.

5. The method of claim 1, wherein the security device communicates with the bridge device through a wired link, wherein the security devices receives power from the bridge through the wired link.

6. The method of claim 1, wherein the security device is incorporated into a battery-less device, wherein the bridge device provides power to the battery-less device.

7. The method of claim 1, wherein the security device is incorporated into a particular device, wherein after the security device is authenticated by the authentication server, the particular device receives an authentication code from the authentication server to perform a transaction or to access a website.

8. The method of claim 7 further comprising storing information regarding the transaction on the security device, wherein the stored transaction information is utilized to initialize the security device at a beginning of a subsequent authentication.

9. The method of claim 1 further comparing: determining a location of the security device at a time of the authentication of the security device; storing the determined location on the security device; and utilizing the stored location to initialize the security device at a beginning of a subsequent authentication.

10. The method of claim 1, wherein the security device is initialized by the authentication server, at the beginning of each authentication or at the beginning of a subset of the authentications, to a particular state of the authentication state machine.

11. The method of claim 1 further comprising encrypting communication between the security device and the authentication server.

12. The method of claim 11 further comprising selecting by the security device, for the encryption of messages, a random private key associated with the security device, and communicating the selected random private key to the authentication server using public key encryption, the security device and the authentication server configured to switch to use the selected random private key after an exchange of the random private key.

13. The method of claim 11, wherein said encrypting comprises utilizing one of a hash function, a symmetric key encryption algorithm, and an asymmetric key algorithm.

14. The method of claim 13, wherein the hash function uses an SHA-based algorithm, wherein the symmetric key encryption algorithm comprises one of a block cypher algorithm, a data encryption standard (DES) based algorithm, an advanced encryption standard (AES) based algorithm, and stream cipher algorithms comprising RC4, and wherein the asymmetric key algorithm comprises RSA algorithm.

15. The method of claim 1 further comprising generating each reported set of bits in the sequence of reported bits from a particular state in the authentication state machine during the generation of the sequence of reported bits.

16. The method of claim 1 further comprising configuring the security device to traverse the authentication state machine in single state increments or variable number of state increments.

17. The method of claim 1, wherein one or both of the security device and the authentication server configures a state mapping used in generating the sequence of reported bits based on the authentication state machine.

18. The method of claim 17, wherein one or more of a number of states in the authentication state machine, a set of bits associated with each state in the authentication state machine, and a starting state in the authentication state machine are set or adjusted when configuring the state mapping.

19. The method of claim 1, wherein the authentication server reconfigures, at the end of each authentication or at the end of a subset of the authentications, the generation of the reported bits by the security device and the sequence of expected bits such that a subsequent authentication is validated by a different state mapping.

20. The method of claim 1 further comprising authenticating by the security device, an identity of the authentication server before sending said set of bits to the authentication server, said authenticating comprising requesting the authentication server to provide validation data for comparison with local data maintained by the security device.

21. The method of claim 1 further comprising concurrently supporting multiple authentication sessions by the security device, the concurrent supporting comprising independently performing multiple concurrent authentications of the security device with one or more authentication servers.

22. The method of claim 1, wherein the electronic device is one of a personal computer, a desktop computer, a laptop computer, a tablet computer, a mobile phone, a smartphone, a personal digital assistant, a personal media player, a gaming device, an image camera, a video camera, a battery-less electronic device, and a credit card.

23. The method of claim 1, wherein authorizing the transaction or the access comprises: receiving an authorization number at the electronic device from the authentication server; and authorizing the transaction or the access after receiving the authorization number through a graphical user interface of the electronic device.

24. The method of claim 1, wherein authorizing the transaction or the access comprises: receiving an authorization number at the electronic device from the authentication server; and authorizing the transaction or the access after said authorization number is wirelessly transmitted from the electronic device.
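
The exchange recited in claims 1, 10, 16, 18 and 19, modelled as an added Python example that is not part of the patent or of this page: the server sends a sequence of information requests, the device reports the bits of its current state for each one, and the server compares the reported sequence with the expected one. Assumptions made here: each information request carries the state increment, each state maps to one byte, and the mappings, start state and step lists are constructed sample values.

```python
import hmac

class StateMachine:
    """Authentication state machine: one set of bits per state (claim 18)."""
    def __init__(self, mapping, start):
        self.mapping, self.state = list(mapping), start

    def respond(self, step):
        bits = self.mapping[self.state]            # bits for the current state
        # Assumption: the information request carries the increment (claim 16).
        self.state = (self.state + step) % len(self.mapping)
        return bits

class Replayer:
    """Holds only a recorded transcript, not the state mapping."""
    def __init__(self, transcript):
        self.transcript = iter(transcript)

    def respond(self, step):
        return next(self.transcript)

def run_session(responder, mapping, start, steps):
    """Server side: one information request per step, then compare sequences."""
    expected_sm = StateMachine(mapping, start)
    reported = [responder.respond(s) for s in steps]
    expected = [expected_sm.respond(s) for s in steps]
    # Each set of bits is one byte here, so bytes() is a faithful encoding.
    ok = hmac.compare_digest(bytes(reported), bytes(expected))
    return ok, reported

def demo():
    # Constructed sample values, not taken from the patent.
    mapping_a = [0x3C, 0xA5, 0x0F, 0x96, 0x5A, 0xC3, 0x69, 0xF0]
    mapping_b = mapping_a[::-1]                    # reconfigured mapping (claim 19)
    start, steps = 2, [1, 3, 2, 5]
    ok, seen = run_session(StateMachine(mapping_a, start), mapping_a, start, steps)
    return {
        "genuine": ok,
        "transcript": seen,
        "replay_new_requests": run_session(Replayer(seen), mapping_a, start, [2, 1, 4, 3])[0],
        "replay_after_reconfig": run_session(Replayer(seen), mapping_b, start, steps)[0],
        "genuine_after_reconfig": run_session(StateMachine(mapping_b, start), mapping_b, start, steps)[0],
    }

if __name__ == "__main__":
    print(demo())
```

A recorded transcript stops matching once the server changes either the request sequence or the state mapping, while a device holding the current mapping still authenticates.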

Patent Metadata

Filing Date

Unknown

Publication Date

July 12, 2016

Inventors

Mehran Moshfeghi

Citation & reuse

Analysis on this page is generated by Patentable — an AI-powered patent intelligence platform. AI-generated summaries, explanations, and analysis may be reused with attribution and a visible link back to the canonical URL below. Patent abstracts and claims are USPTO public domain.

Cite as: Patentable. “METHOD AND SYSTEM FOR STATE MACHINE SECURITY DEVICE” (9391783). https://patentable.app/patents/9391783
